Virgin Media Business

Smart Internet Access (SIA) from Virgin Media O2 Business

Smart Internet Access combines one of the UK’s largest and best-connected networks with Cisco’s award-winning Meraki MX enterprise security and SD-WAN appliance to provide reliable, fast and safe connectivity that puts Buyer in control, giving visibility and ability to make changes via the cloud-based Meraki dashboard.

Features

• Internet connectivity from 100Mbps to 10Gbps
• Various access types including dedicated Ethernet, Cable, FTTP and DSL
• Meraki MX enterprise security and SD-WAN appliance included
• Tiered appliance licencing options to unlock features
• Resilient configurations available to ensure uptime
• Self-serve co-managed service via Meraki dashboard
• Fully installed, monitored and maintained 24x7
• Backed by business class SLA including restoration targets
• Service credits available for failing to meet SLA commitments

Benefits

• Fast connectivity from one of UK's best connected Internet providers
• Confidence in award winning, high performing Cisco Meraki MX appliance
• Choice of configurations to best meet buyer needs and budgets
• Maximise site availability and uptime with multiple connections
• Trusted and comprehensive network security assurance
• Simplified management via the Meraki cloud-based dashboard
• Buyer can analyse the network and makes changes quickly
• Access to expertise and resources
• Reduced capital expenditure on hardware and infrastructure
• Focus on core business objectives while outsourcing network management

£1,087 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicprocurement@virginmedia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

116935048774658

Contact

Diane Murray
07973 622296
publicprocurement@virginmedia.co.uk

Service scope

• Service constraints: Orders may be subject to survey. The capability of each Meraki MX model has constraints throughput, VPN limitations and concurrent sessions. Some features of the Meraki MX may also require specific licensing levels to access. It is the responsibility of the Buyer to ensure that the chosen Meraki MX device and licensing is appropriate for their service.
• System requirements: Adequate space and power and temperature control are required.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Customer support is active 24/7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The Supplier delivers Incident Management 24x7x365. Our Service Desk delivers end to end service management to the buyer. The Technical Support Analysts (TSAs) are skilled across the entire Data, Voice product portfolio and 3rd party supplier management. The TSAs are located within Service Desk and it is from here that the incident or query is actively managed. It is the role of the TSA to provide the Buyer with proactive or reactive updates, carry out first and second level diagnostics, assign the fault or query to technical teams, on-site engineering groups or 3rd party suppliers and manage the end to end flow of the incident or query during its active life until resolution. The Buyer will benefit from enhanced levels of support with the incident or query if considered as a high priority, offering a call back within two hours after the fault or query has been logged with hourly updates given to the Buyer until incident or query has been resolved. Escalations can be raised by email, phone call, through our self-service incident portal Engage, or via our website. Our Service teams are available to support with queries and provide guidance.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Managed install with on-site engineer.; The engineer will supply, install, apply baseline configuration, test and handover the service to the Buyer.; Once the service has been handed over, the Buyers lead contact will receive various emails notifications including, install complete notification, Brought into Service (BIS) Certificate, and link to Welcome guide and other supporting documentation to help the Buyer tailor the configuration to their exact requirements.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract, any data held by the Supplier will be made available to the Buyer. If the Buyer is unable to download their data using the online portal then it will be made available directly to them in a format that is mutually agreed.
• End-of-contract process: At the end of the Contract the Buyer will have a number of options they may utilise: • Standard notice and cessation process; the Buyer shall provide Notice to Terminate to the Supplier who shall end the Services on the date that the notice period allows • Professional Services; the Buyer can request any level of support required from the Supplier in order to exit the services, transition to a new supplier and/or collate their data and documentation. The Supplier offers a range of professional services that incorporate all project management, service management and technical roles. A rate card will be supplied upon request.

Using the service

• Web browser interface: Yes
• Using the web interface: Via the Meraki Dashboard users can perform a variety of tasks related to network management and security configuration. ; Users can:; •Define and manage firewall rules.; •Create and manage Virtual Private Networks (VPNs).; •Configure content filtering policies.; •Enable and configure intrusion detection and prevention settings.; •Monitor network traffic, view usage statistics, and analyse data to identify trends and potential issues.; •Set up alerts and notifications for network events such as security breaches or connectivity issues.; •View and manage the inventory of MX appliances deployed in their network.; ; User can't:; •Users cannot perform physical hardware configurations such as connecting cables or replacing hardware components.; •While basic troubleshooting tasks can be performed, users may not have access to advanced diagnostic tools or features available only through direct console access.; •Users cannot initiate firmware updates directly through the Meraki Dashboard for MX appliances. However, they can schedule updates and monitor the status of updates that are pushed automatically from the cloud.; •Depending on the specific MX model and license, users may not have access to configure advanced features like Deep Packet Inspection (DPI) directly through the dashboard.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The Meraki Dashboard can be accessed through a web browser or app. ; The Meraki Dashboard is accessed through a web browser by navigating to the designated URL provided by the Supplier. ; The Meraki Dashboard app provides convenient access to the Meraki cloud-managed networking platform through mobile devices. Users can download the app from the Apple App Store or Google Play Store.; Users typically log in using their credentials, such as a username and password, to gain access to the dashboard interface. ; Once logged in, users can view and manage their network devices, configurations, security settings, and monitoring tools, all within the intuitive and user-friendly dashboard interface.; This cloud-based platform allows for convenient access from anywhere with an internet connection, providing administrators with centralized control over their Meraki network infrastructure.
• Web interface accessibility testing: None
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: For dedicated Ethernet service access type, the bandwidth is dedicated to the Buyer.
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Configurable via the Meraki Dashboard.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Network
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The service is offered as standalone or with a range of resilience options. Availability ranges from 99.8% for standalone up to 99.99% for resilient, depending on purchased topology.
• Approach to resilience: Resilience is achieved through a second connection, with automatic failover Resilience options include: Ethernet, SOGEA, FTTP, Cable Second connection can be hosted in a second router
• Outage reporting: Configurable via the Meraki Dashboard.

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Management access is strictly controlled and restricted to qualified and authorised network engineers only using the following secure access control methods: - Secure Shell Sessions (SSH) - IPSEC / TLS v1.3 encryption - Strong authentication techniques via AAA TACACS
• Access restriction testing frequency: At least once a year
• Management access authentication: Other
• Description of management access authentication: Management access is authenticated via AAA TACACS+ server validation of username and password credentials.
• Devices users manage the service through: Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institution
• ISO/IEC 27001 accreditation date: 23/01/2022
• What the ISO/IEC 27001 doesn’t cover: The ISO 27001 certificate covers the protection of Buyer and Supplier employee information that is managed within the Supplier's organisation.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 22301 Business Continuity Management
  • ISO 20000 IT Service Management

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: • Cyber Essentials Plus • ISO 20000 IT Service Management • ISO 22301 Business Continuity Management • ISO 9001 Quality Management System
• Information security policies and processes: The Supplier has its own information security policy based on ISO 27001, with established internal processes for handling security events. The Supplier has in place security teams dedicated to specific areas, and is audited regularly by external auditors to ensure compliance.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The Supplier follows an internal configuration and change management process. Each change is processed through the following stages: Identifying the details of the change; Assessing the operational and security impact of the change; Gaining approval of the change; Authorising and scheduling the change; Notifying stakeholders about the change; Implementing the change; and Closing the change following review.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Processes based on ISO 27001 standards are in place to discover security vulnerabilities involving a combination of vendor notifications, authenticated/unauthenticated vulnerability scanning using industry-leading security platforms and penetration testing. Risks are recorded, tracked and mitigated through an internal risk management framework.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have a Systems Logging and Monitoring process governs protective monitoring. We use automated logging extensively using SIEM software in our network and IT infrastructure. This monitors user activity, configuration changes and to measure performance/compliance. We also use a range of tools to inspect, analyse and risk assess device event logs to detect suspicious activity incidents as well as report on overall pattern of usage. All potential compromises and incidents are tagged with a priority category and response times will vary depending on their priority level.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our Incident Management approach is based on ISO 27001 standards. It governs the processes in place to manage incidents detected by our monitoring systems or reported by Buyer. The process defines how the Supplier will manage the lifecycle of an incident, from identification to closure. The process includes pre-defined processes for common events. Users can report incidents to the Supplier's IT Service Desk. All information related to incidents are logged on our system to provide a full audit trail.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: ISO 14001 certified which includes energy-efficient processes on site, such as water, lighting and recycling.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The Supplier’s approach to protecting the environment is detailed in our Environment Policy and guided by certification to internationally recognised standards and systems including ISO14001:2015. The Supplier has internal policies regulating water usage, waste disposal, minimising single-use plastics and carbon emission reduction. ; ; In April 2023, we received validation from the Science Based Target initiative (SBTi) for the following carbon-reduction goals: ; • Net zero by 2040 with a 90% reduction in value chain emissions (Scope 1, 2 and 3). ; • Reducing operational emissions (scopes 1 and 2) by 90% and scope 3 emissions by 50% by the end of 2030.; • Reducing operational emissions (scopes 1 and 2) by 60% and scope 3 emissions by 25% by the end of 2025. ; ; As of February 2024, the Supplier has reduced operational emissions by 45% (baseline FY2020). Here are some examples of the actions we’re implementing to achieve our goals:; • A stringent Code of Conduct requiring suppliers to have a board-approved carbon reduction plan with SBTi-aligned Net Zero goals and interim targets.; • Continuing to source 100% renewable electricity to power our network where we control the bill.; • Delivering a Mast De-Carbonisation Project to drive the landlords of third-party sites to source green electricity. In 2023, the Supplier has de-carbonised 1,128 masts.; • Transitioning our fleet of over 4,000 vehicles to electric by the end of 2030.; • Free-of-charge carbon footprint estimations for our solutions, so customers are better equipped to implement technology sustainably. Our model has been certified by the Carbon Trust.; ; The Supplier also aims to achieve zero waste operations and zero waste products by the end of 2025. To support this, all customers (including public sector organisations) can receive cash for trading in their unwanted devices and a minimum of 95% of this waste is recycled.

  Covid-19 recovery

  Immediate response to the pandemic:; The Supplier’s priority during the COVID-19 pandemic was to ensure that communities were safe and supported. Actions included:; • Providing 40GB of free data a month to support home-schooling families struggling to connect during lockdown. ; • Offering any customer who worked for the NHS an extra 10GB of data monthly for six months from Summer 2020. ; • Partnering with environmental charity, Hubbub, to launch ‘Community Calling’, which works with 400+ local community organisations to re-distribute smartphones to people who need them most. ; • Offering vulnerable customers on mobile contracts unlimited minutes and an extra 10GB of data ; • Launching an Essential Broadband tariff for existing customers who receive Universal Credit, Pension Credit, Income Support, Income-based Jobseekers Allowance and/or Income-based Employment Support. ; ; Continued support for those impacted by COVID-19: ; The Supplier recognises that COVID-19 exacerbated existing economic and social challenges, and created new ones, so we’re continuing to contribute to economic recovery and support the most vulnerable. Actions include:; • Continuing to provide return-to-work opportunities – the Supplier recently announced 200 new entry-level positions being created in 2024.; • To ensure our customers can access the information they need, the Supplier offers over 60 zero-rate sites including National Energy Action, Citizens Advice and National Debtline.; • 9.7 million people are now eligible to benefit from the Supplier’s Essential Broadband tariff.; • In 2022, the Supplier provided a £400,000 grant fund to launch the Tech Lending Community. This initiative makes tablets and free data available to community organisations supporting vulnerable individuals across the UK, all while extending the life of second-hand tech. ; • In June 2021, the Supplier announced its support for the ‘Together Coalition’, by offering grants of £1,000 to 400 small charities that champion and celebrate the community spirit, belonging and togetherness across the UK.

  Tackling economic inequality

  The Supplier is committed to tackling economic inequality across the UK. This includes: ; • Hiring over 2,600 apprentices since our award-winning scheme began in 2008. Our ‘blind recruitment’ process opens opportunities to those who have potential but may lack relevant experience.; • Working with organisations, such as ‘Blind in Business’ and ‘Step into STEM’ to help create opportunities for groups often facing barriers to employment. ; • Supporting business creation and growth, through Wayra (start-up cohort) and 5G accelerator hubs. ; • Hosting a virtual work experience programme for 14–16-year-olds, focused on driving diversity in STEM careers.; ; The Supplier works directly with our customers to provide employment and upskilling opportunities in their communities. For example, our nationwide network of 170+ ‘Future Careers Ambassadors’ provides support and guidance to pupils from groups traditionally underrepresented in STEM. The Supplier pays around £2.5m every year through the Apprenticeship Levy and has spent 55% of the levy to date on apprenticeships (versus a UK average of 39%). ; ; Additionally, the Supplier has a significant focus on addressing digital exclusion since this is a key barrier to economic equality. By 2025, we aim to:; • Connect 1 million digitally excluded individuals.; • Equip 6 million people with digital skills, confidence, and tools.; ; The Supplier’s customers benefit from access to subject matter experts in this space, as well as our established partnerships. Our digital inclusion initiatives include:; • Partnership with the Good Things Foundation to create the National Databank, which provides free-of-charge SIMs for individuals experiencing data poverty. Since 2022, over 78,568 SIMs have been distributed. ; • The Supplier’s nationwide ‘Connect More’ programme enables our employees to use their five paid volunteering days to deliver digital skills training through local authority and third-sector drop-in centres. ; • As part of our ‘Community Calling’ initiative, over 18,292 phones have been re-homed.

  Equal opportunity

  The Supplier is dedicated to tackling inequality and enabling everyone across the UK to fulfil their potential.; The Supplier’s diversity, equity, and inclusion strategy, ‘All In’, sets bold ambitions to be achieved by 2027. These are measured and reviewed regularly to ensure that the Supplier is on track.; To support ‘All In’, the Supplier has created an Inclusive Recruitment Programme to ensure our end-to-end recruitment journey for internal/external talent is fully inclusive.; The Supplier also reduces barriers through our policies aimed at providing the right support and flexibility for all employees. This includes:; • Industry-leading Family Friendly people policies which include up to 26 weeks’ paid maternity and adoption leave, 14 weeks’ paternity leave and up to 12 weeks’ paid neonatal leave, plus paid time off for caring, bereavement, emergencies, and more.; • Optimising our workplace adjustment process in collaboration with industry leaders, ‘Microlink’.; • Our ‘Work Smarter, Live Better’ hybrid working policy empowers our people to work in a way that helps them thrive.; • Integrating an ‘Adjustment Passport’ into our HR system, which provides comprehensive documentation of the accommodations provided for employees. This eliminates the necessity to divulge personal information.; • Regularly collaborating with our employee networks which represent the LGBTQ+ community, gender, disabled people, people who are neurodivergent, unpaid carers, and underrepresented ethnic groups.; • Signing up to the Government’s Disability Confident scheme and working towards achieving the Level 2 Disability Confident Leader standard. ; • Attaining the 'Carers Confident' Level 1 classification and actively progressing toward Level 2. ; • Funding gender transition treatment for our transgender and non-binary employees and helping them access medical care and support.; ; Additionally, all our suppliers must provide a Modern Slavery Transparency Statement detailing the actions they have taken to minimise the risk of Modern Slavery in their operations and supply chains.

  Wellbeing

  Improving Health and Wellbeing:; The Supplier promotes a culture of health, education, and wellbeing so that we can support all employees, both personally and professionally. ; Our ‘Thrive’ programme provides a comprehensive range of advice, tools and policies to ensure our people can be their best at work. As part of Thrive, our employees have free 24/7 access to confidential support and advice from trained therapists via Bupa Healthy Minds. Our people can also access free online treatment, such as Computerised Cognitive Behavioural Therapy.; The Supplier offers the following management development modules: ; 1) Stamp Out Stigma: Managers’ mental health awareness; 2) Anxiety and Depression: Managers’ toolkit; 3) Workplace Stress: Managers’ survival kit. ; To support physical wellbeing, the Supplier’s employees are enrolled on the Bupa Medical plan from day one. Our people can even choose to extend this to their partner and/or children by paying an amount every month. The Supplier also offers a Ride-to-Work scheme to help our people improve their fitness, reduce their carbon footprint, and save money on the cost of a bike. ; Personal development also has a crucial role in wellbeing, so the Supplier ensures that our people have the right knowledge, skills and behaviours to reach their full potential. We have a wealth of learning and development tools available, including unlimited access to 16,000+ online courses on LinkedIn Learning, which are taught by passionate real-world professionals.; ; Community Integration:; When delivering social value propositions, the Supplier prioritises collaborating with the community to help deliver a shared vision for the area. This includes partnering with the public sector, private sector, and third sector.; Additionally, all the Supplier's employees have five paid volunteering days per year to support and connect with their local communities, digitally and in person. Since 2023 alone, our people have supported over 443 charitable causes.

Pricing

• Price: £1,087 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicprocurement@virginmedia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.